npm - create-frontify-backend - Versions diffs - 1.0.12 - Mend

create-frontify-backend 1.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/templates/backend/my-backend-template/package.json ADDED Viewed

@@ -0,0 +1,43 @@
+{
+  "name": "backend-project",
+  "private": true,
+  "version": "1.3.0",
+  "description": "",
+  "main": "server.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "start": "node server.js",
+    "start-watch": "node --inspect --watch-path=./ ./server.js",
+    "dev": "nodemon server.js",
+    "lint": "eslint ."
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "type": "module",
+  "dependencies": {
+    "bcrypt": "^6.0.0",
+    "bcryptjs": "^3.0.3",
+    "cookie-parser": "^1.4.7",
+    "cors": "^2.8.5",
+    "dotenv": "^17.2.3",
+    "express": "^5.2.1",
+    "express-rate-limit": "^8.2.1",
+    "express-validator": "^7.3.1",
+    "helmet": "^8.1.0",
+    "jsonwebtoken": "^9.0.3",
+    "mongoose": "^9.0.1",
+    "morgan": "^1.10.1",
+    "nodemailer": "^7.0.11",
+    "winston": "^3.19.0"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.39.2",
+    "eslint": "^9.39.2",
+    "eslint-config-prettier": "^10.1.8",
+    "eslint-plugin-import": "^2.32.0",
+    "eslint-plugin-prettier": "^5.5.4",
+    "globals": "^16.5.0",
+    "nodemon": "^3.1.11"
+  }
+}

package/templates/backend/my-backend-template/server.js ADDED Viewed

@@ -0,0 +1,11 @@
+import app from './src/app.js'
+import logger from './src/loggers/winston.logger.js'
+import config from './src/config/config.js';
+import connectedToDatabase from './src/config/db.js';
+connectedToDatabase();
+app.listen(config.PORT, () => {
+    logger.info(`Server is running on port ${config.PORT}`);
+    logger.info(`Environment: ${config.NODE_ENV || 'development'}`);
+});

package/templates/backend/my-backend-template/src/app.js ADDED Viewed

@@ -0,0 +1,57 @@
+import express from 'express';
+import cors from 'cors';
+import helmet from 'helmet';
+import cookieParser from 'cookie-parser'
+import { generalRateLimiter } from './middlewares/rateLimiter.middleware.js'
+import morganLogger from './loggers/morgan.logger.js'
+import config from './config/config.js'
+const app = express();
+app.use(
+    cors(
+        {
+            origin: config.FRONTEND_URL,
+            credentials: true,
+        }
+    ));
+app.use(morganLogger);
+app.use(helmet());
+app.use(express.json({ limit: '100kb' }));
+app.use(express.urlencoded({ extended: true, limit: '100kb' }));
+app.use(cookieParser());
+app.use(generalRateLimiter)
+// import routes
+import authRoutes from "./routes/auth.routes.js";
+import errorHandler from './middlewares/error.handler.js'
+// Auth Routes
+app.use('/api/v1/auth', authRoutes)
+// // Simple route for checking server status
+app.get('/', (req, res) => {
+    res.status(200).json({
+        status: 'success',
+        message: 'Welcome to the Backend Starter',
+        environment: config.NODE_ENV,
+        documentation: 'docs.testdog.in',
+    });
+});
+// // 404 route handler for undefined routes
+app.all('*name', (req, res, next) => {
+    const err = new Error(`Can't find ${req.originalUrl} on this server!`);
+    err.statusCode = 404;
+    err.status = 'fail';
+    next(err);
+});
+app.use(errorHandler)
+export default app;

package/templates/backend/my-backend-template/src/config/config.js ADDED Viewed

@@ -0,0 +1,24 @@
+import dotenv from 'dotenv';
+dotenv.config();
+const _config = {
+    NODE_ENV: process.env.NODE_ENV || 'development',
+    PORT: process.env.PORT || 3000,
+    WEB_URL: process.env.WEB_URL || 'https://yourdomain.com',
+    FRONTEND_URL: process.env.FRONTEND_URL || 'http://localhost:5173',
+    DB_URL: process.env.DB_URL || 'mongodb://localhost:27017/mydatabase',
+    JWT_SECRET: process.env.JWT_SECRET,
+    GOOGLE_CLIENT_ID: process.env.GOOGLE_CLIENT_ID,
+    GOOGLE_CLIENT_SECRET: process.env.GOOGLE_CLIENT_SECRET,
+    GOOGLE_REFRESH_TOKEN: process.env.GOOGLE_REFRESH_TOKEN,
+    GOOGLE_CALLBACK_URL: process.env.GOOGLE_CALLBACK_URL,
+    GMAIL_USER: process.env.GMAIL_USER,
+    EMAIL_HOST: process.env.EMAIL_HOST,
+    EMAIL_PORT: process.env.EMAIL_PORT,
+    EMAIL_USER: process.env.EMAIL_USER,
+    EMAIL_PASSWORD: process.env.EMAIL_PASSWORD,
+};
+export default _config;

package/templates/backend/my-backend-template/src/config/db.js ADDED Viewed

@@ -0,0 +1,18 @@
+import mongoose from 'mongoose';
+import logger from '../loggers/winston.logger.js'
+import config from './config.js'
+const connectedToDatabase = () => {
+    const dbUrl = config.DB_URL;
+    mongoose
+        .connect(dbUrl)
+        .then(() => {
+            logger.info('Connected to MongoDB')
+        })
+        .catch((err) => {
+            logger.error('Error connecting to MongoDB', err)
+        })
+}
+export default connectedToDatabase;

package/templates/backend/my-backend-template/src/config/email.config.js ADDED Viewed

@@ -0,0 +1,19 @@
+import nodemailer from "nodemailer";
+import config from "./config.js";
+/**
+ * Create Nodemailer transporter
+ * -----------------------------
+ * Uses simple SMTP (no Google OAuth)
+ */
+export const createTransporter = () => {
+    return nodemailer.createTransport({
+        host: config.EMAIL_HOST,        // e.g. smtp.gmail.com
+        port: config.EMAIL_PORT,        // 587
+        secure: false,                  // true for 465, false for 587
+        auth: {
+            user: config.EMAIL_USER,      // your email
+            pass: config.EMAIL_PASSWORD,  // app password
+        },
+    });
+};

package/templates/backend/my-backend-template/src/constants/constants.js ADDED Viewed

@@ -0,0 +1,5 @@
+export const ACCESS_TOKEN_EXPIRATION = '1h';
+export const REFRESH_TOKEN_EXPIRATION = '30d';
+export const FORGOT_PASSWORD_TOKEN_EXPIRATION = '15m';
+export const VERIFICATION_TOKEN_EXPIRATION = '10m';
+export const ISSUER = "Backend Starter";

package/templates/backend/my-backend-template/src/controllers/auth.controller.js ADDED Viewed

@@ -0,0 +1,196 @@
+import asyncHandler from "../utils/asyncHandler.js";
+import config from "../config/config.js";
+import userService from "../services/userServices.js";
+import { sendVerificationEmail } from "../utils/sendEmail.js";
+import appError from '../utils/appError.js';
+const authController = {
+    /**
+     * Register user
+     */
+    register: asyncHandler(async (req, res) => {
+        const user = await userService.register(req.body);
+        const accessToken = userService.generateAccessToken({
+            userId: user._id,
+            username: user.username,
+            email: user.email,
+        });
+        const refreshToken = userService.generateRefreshToken({
+            userId: user._id,
+        });
+        res.cookie("refreshToken", refreshToken, {
+            httpOnly: true,
+            secure: true, // Use secure cookies in production
+            sameSite: 'none',
+        });
+        res.cookie("accessToken", accessToken, {
+            httpOnly: true,
+            secure: true, // Use secure cookies in production
+            sameSite: 'none',
+        });
+        res.status(201).json({
+            success: true,
+            data: user,
+            accessToken,
+            refreshToken,
+        });
+    }),
+    /**
+     * Login user
+     */
+    login: asyncHandler(async (req, res, next) => {
+        const { email, password } = req.body;
+        if (!email || !password) {
+            return next(appError("Email and password are required", 400));
+        }
+        const user = await userService.login(email, password);
+        const accessToken = userService.generateAccessToken({
+            userId: user._id,
+            username: user.username,
+            email: user.email,
+        });
+        const refreshToken = userService.generateRefreshToken({
+            userId: user._id,
+        });
+        res.cookie("refreshToken", refreshToken, {
+            httpOnly: true,
+            secure: true, // Use secure cookies in production
+            sameSite: 'none',
+        });
+        res.cookie("accessToken", accessToken, {
+            httpOnly: true,
+            secure: true, // Use secure cookies in production
+            sameSite: 'none',
+        });
+        res.status(200).json({
+            success: true,
+            data: user,
+            accessToken,
+            refreshToken,
+        });
+    }),
+    /**
+     * Get current user
+     */
+    getMe: asyncHandler(async (req, res, next) => {
+        if (!req.user) {
+            return next(appError("Unauthorized", 401));
+        }
+        const user = await userService.getMe(req.user._id);
+        if (!user) {
+            return next(appError("User not found", 404));
+        }
+        res.status(200).json({
+            success: true,
+            data: user,
+        });
+    }),
+    /**
+     * Refresh access token
+     */
+    refreshAccessToken: asyncHandler(async (req, res, next) => {
+        let refreshToken;
+        if (req.cookies.refreshToken) {
+            refreshToken = req.cookies.refreshToken;
+        } else if (req.body.refreshToken) {
+            refreshToken = req.body.refreshToken;
+        } else {
+            return next(appError("Refresh token is required", 401));
+        }
+        if (!refreshToken) {
+            return next(appError("Refresh token is required", 401));
+        }
+        const decoded = userService.verifyRefreshToken(refreshToken);
+        const accessToken = userService.generateAccessToken({
+            userId: decoded.id,
+        });
+        res.status(200).json({
+            success: true,
+            accessToken,
+        });
+    }),
+    /**
+     * Logout (stateless)
+     */
+    logout: asyncHandler(async (req, res) => {
+        res.clearCookie("refreshToken");
+        res.clearCookie("accessToken");
+        res.status(200).json({
+            success: true,
+            message: "Logged out successfully",
+        });
+    }),
+    /**
+     * Send verification email
+     */
+    verifyEmail: asyncHandler(async (req, res, next) => {
+        const { email } = req.body;
+        if (!email) {
+            return next(appError("Email is required", 400));
+        }
+        const token = await userService.generateVerificationToken(email);
+        const verifyUrl = `${config.NODE_ENV === "production"
+            ? `${config.WEB_URL}`
+            : "http://localhost:3000"
+            }/verify-email?token=${token}`;
+        await sendVerificationEmail(email, verifyUrl);
+        res.status(200).json({
+            success: true,
+            message: "Verification email sent",
+        });
+    }),
+    /**
+     * Verify email token
+     */
+    verifyEmailToken: asyncHandler(async (req, res, next) => {
+        const { token } = req.query;
+        if (!token) {
+            return next(appError("Token is required", 400));
+        }
+        const user = await userService.verifyEmail(token);
+        res.status(200).json({
+            success: true,
+            message: "Email verified successfully",
+            user,
+        });
+    }),
+};
+export default Object.freeze(authController);

package/templates/backend/my-backend-template/src/dao/user.dao.js ADDED Viewed

@@ -0,0 +1,86 @@
+import User from "../models/user.model.js";
+/**
+ * User Data Access Object
+ * ----------------------
+ * Single default export
+ * Multiple methods attached to one object
+ */
+const userDAO = {
+    /**
+     * Create a new user
+     */
+    async create(data) {
+        return await User.create(data);
+    },
+    /**
+     * Find user by email (login use-case)
+     * Password included explicitly
+     */
+    async findByEmail(email) {
+        return await User.findOne({ email }).select("+password");
+    },
+    async findByUsername(username) {
+        return await User.findOne({ username }).select("+password");
+    },
+    /**
+     * Find user by ID (safe fields)
+     */
+    async findById(userId) {
+        return await User.findById(userId).select("-password -__v");
+    },
+    /**
+     * Update user by ID
+     */
+    async updateById(userId, updates) {
+        return await User.findByIdAndUpdate(userId, updates, {
+            new: true,
+            runValidators: true,
+        }).select("-password -__v");
+    },
+    /**
+     * Delete user by ID
+     */
+    async deleteById(userId) {
+        return await User.findByIdAndDelete(userId);
+    },
+    /**
+     * Paginated users list
+     */
+    async findAll({ page = 1, limit = 20 } = {}) {
+        const skip = (page - 1) * limit;
+        const [users, total] = await Promise.all([
+            User.find()
+                .select("-password -__v")
+                .skip(skip)
+                .limit(limit)
+                .sort({ createdAt: -1 }),
+            User.countDocuments(),
+        ]);
+        return {
+            users,
+            total,
+            page,
+            totalPages: Math.ceil(total / limit),
+        };
+    },
+    /**
+     * Check email existence
+     */
+    async isEmailTaken(email) {
+        const user = await User.findOne({ email }).lean();
+        return Boolean(user);
+    },
+};
+export default userDAO;

package/templates/backend/my-backend-template/src/loggers/morgan.logger.js ADDED Viewed

@@ -0,0 +1,11 @@
+import morgan from 'morgan';
+import logger from './winston.logger.js';
+const format =
+    ':remote-addr :method :url :status :res[content-length] - :response-time ms';
+const morganLogger = morgan(format, {
+    stream: logger.stream,
+});
+export default morganLogger;

package/templates/backend/my-backend-template/src/loggers/winston.logger.js ADDED Viewed

@@ -0,0 +1,64 @@
+import winston from "winston";
+const { createLogger, format, transports } = winston;
+/*
+|--------------------------------------------------------------------------
+| Custom log format
+|--------------------------------------------------------------------------
+*/
+const logFormat = format.combine(
+    format.timestamp({ format: "YYYY-MM-DD HH:mm:ss" }),
+    format.colorize(),
+    format.printf(({ timestamp, level, message }) => {
+        return `${timestamp} [${level}]: ${message}`;
+    })
+);
+/*
+|--------------------------------------------------------------------------
+| Create logger instance
+|--------------------------------------------------------------------------
+*/
+const logger = createLogger({
+    level: process.env.NODE_ENV === "production" ? "error" : "info",
+    format: logFormat,
+    transports: [
+        // 🔴 Error logs
+        new transports.File({
+            filename: "logs/error.log",
+            level: "error",
+        }),
+        // 🟢 All logs
+        new transports.File({
+            filename: "logs/combined.log",
+        }),
+    ],
+});
+/*
+|--------------------------------------------------------------------------
+| Console logs only in development
+|--------------------------------------------------------------------------
+*/
+if (process.env.NODE_ENV !== "production") {
+    logger.add(
+        new transports.Console({
+            format: logFormat,
+        })
+    );
+}
+/*
+|--------------------------------------------------------------------------
+| 🔥 REQUIRED FOR MORGAN (IMPORTANT)
+|--------------------------------------------------------------------------
+| Morgan calls: stream.write(message)
+*/
+logger.stream = {
+    write: (message) => {
+        logger.info(message.trim());
+    },
+};
+export default logger;

package/templates/backend/my-backend-template/src/middlewares/auth.middleware.js ADDED Viewed

@@ -0,0 +1,64 @@
+import jwt from "jsonwebtoken";
+import appError from '../utils/appError.js';
+import config from "../config/config.js";
+import User from "../models/user.model.js";
+/**
+ * Protect middleware
+ * Checks if user is authenticated using JWT
+ */
+export const protect = async (req, res, next) => {
+    try {
+        let token;
+        // 1️⃣ Get token from Authorization header
+        if (
+            req.headers.authorization &&
+            req.headers.authorization.startsWith("Bearer") ||
+            req.cookies.accessToken
+        ) {
+            token = req.cookies.accessToken || req.headers.authorization.split(" ")[1];
+        }
+        // 2️⃣ If token not found
+        if (!token) {
+            return next(
+                appError("You are not logged in. Please log in to continue.", 401)
+            );
+        }
+        // 3️⃣ Verify token
+        const decoded = jwt.verify(token, config.JWT_SECRET);
+        // decoded = { id, iat, exp }
+        // 4️⃣ Check if user still exists
+        const user = await User.findById(decoded.id).select("role");
+        if (!user) {
+            return next(
+                appError("The user belonging to this token no longer exists.", 401)
+            );
+        }
+        // 5️⃣ Attach user to request
+        req.user = user;
+        next();
+    } catch (error) {
+        // 6️⃣ Token errors handling
+        if (error.name === "JsonWebTokenError") {
+            return next(appError("Invalid token. Please log in again.", 401));
+        }
+        if (error.name === "TokenExpiredError") {
+            return next(
+                appError("Your session has expired. Please log in again.", 401)
+            );
+        }
+        next(error);
+    }
+};

package/templates/backend/my-backend-template/src/middlewares/error.handler.js ADDED Viewed

@@ -0,0 +1,28 @@
+import logger from "../loggers/winston.logger.js";
+import config from "../config/config.js";
+const errorHandler = (err, req, res) => {
+    const statusCode = err.statusCode || 500;
+    const nodeEnv = config.NODE_ENV;
+    // Backend logging (FULL DETAILS)
+    logger.error(err.message, {
+        statusCode,
+        method: req.method,
+        path: req.originalUrl,
+        stack: nodeEnv === "development" ? err.stack : undefined,
+    });
+    // Frontend-safe response
+    res.status(statusCode).json({
+        success: false,
+        message:
+            nodeEnv === "production"
+                ? "Internal Server Error"
+                : err.message,
+        stack: nodeEnv === "development" ? err.stack : undefined,
+    });
+};
+export default errorHandler;

package/templates/backend/my-backend-template/src/middlewares/rateLimiter.middleware.js ADDED Viewed

@@ -0,0 +1,31 @@
+// middleware/rateLimiter.js
+import rateLimit from "express-rate-limit";
+export const generalRateLimiter = rateLimit({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: 100, // max 100 requests per IP
+    standardHeaders: true,
+    legacyHeaders: false,
+    handler: (req, res) => {
+        res.status(429).json({
+            success: false,
+            message: "Too many requests. Please try again later.",
+        });
+    },
+});
+export const authRateLimiter = rateLimit({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: 10, // only 10 login attempts
+    standardHeaders: true,
+    legacyHeaders: false,
+    handler: (req, res) => {
+        res.status(429).json({
+            success: false,
+            message:
+                "Too many login attempts. Please try again after some time.",
+        });
+    },
+});